Information Technology Audits

acxell provides risk-based comprehensive Information Technology (“IT”) audits designed to meet the requirements of examination procedures as outlined in the Federal Financial Institutions Examination Council Information Systems Examination Handbook. We strive to ensure that your institution not only meets such stringent procedures head-on, but that it is in compliance with the requirements of the Gramm-Leach-Bliley Act Section 501 (b) (“GBLA”).

The acxell Approach

The objectives of the information technology audit are to evaluate the adequacy of internal controls, as applied to automated systems and the environment in which they function. This entails reviewing controls to ensure that only valid and authorized data is accepted and processed completely and accurately, and that the necessary information and records are provided on a continuing basis. acxell’s audit procedures focus on the total systems environment, with emphasis given, but not limited to:

• Data security, access controls, retention and recovery
• Input processing and output controls from authorization, and initiation of input to distribution of output
• Controls over modifications to networks, operating systems and applications
• Adherence to organizational, regulatory and legal policies and requirements

acxell’s Audit Scope

At acxell, we examine your IT environment by breaking it down into seven basic categories:

• Organizational and Management Controls
• System Security Administration and Access Controls
• Operational Controls
• System and Program Development
• Electronic Banking
• Disaster Recovery and Business Continuity Planning
• Physical Security and Control of the Environment